Overview

overview

8

Static

static

6

70998cf546...18.apk

android-9-x86

8

70998cf546...18.apk

android-10-x64

8

70998cf546...18.apk

android-11-x64

8

vlocker_de...me.apk

android-9-x86

7

vlocker_de...me.apk

android-10-x64

7

vlocker_de...me.apk

android-11-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    70998cf5462849c3d23c6cf97f250109_JaffaCakes118

  • Size

    1.6MB

  • Sample

    240525-c5akmsbf4x

  • MD5

    70998cf5462849c3d23c6cf97f250109

  • SHA1

    5f1ff393e2e4428376d06be87aae79c029b7fb39

  • SHA256

    ebd45f2c42a49f46aca69b686dfeeb13e7c1e523139ce5c1f8667da5196c4d78

  • SHA512

    a9e1b7f1feb0ffb31de6865c173079ad6f5d5676dca17622d28b5ef3ff2b344fadd1f755e227c75d0882e100f0cdb6eb323b7131955fceb1fe67c239983a3707

  • SSDEEP

    24576:AXVhH2fhEoeP4pdr84ru+/oNwWsbdMTl6t8CcHWCH2ubqU/H96h:YWfGQPrucoNHQol6yZWCWai

Score
8/10
androiddiscoveryevasionimpactpersistence

Malware Config

Targets

    • Target

      70998cf5462849c3d23c6cf97f250109_JaffaCakes118

    • Size

      1.6MB

    • MD5

      70998cf5462849c3d23c6cf97f250109

    • SHA1

      5f1ff393e2e4428376d06be87aae79c029b7fb39

    • SHA256

      ebd45f2c42a49f46aca69b686dfeeb13e7c1e523139ce5c1f8667da5196c4d78

    • SHA512

      a9e1b7f1feb0ffb31de6865c173079ad6f5d5676dca17622d28b5ef3ff2b344fadd1f755e227c75d0882e100f0cdb6eb323b7131955fceb1fe67c239983a3707

    • SSDEEP

      24576:AXVhH2fhEoeP4pdr84ru+/oNwWsbdMTl6t8CcHWCH2ubqU/H96h:YWfGQPrucoNHQol6yZWCWai

    Score
    8/10
    discoveryevasionimpactpersistence

    • Prevents application removal

      Application may abuse the framework's APIs to prevent removal.

      evasion

    • Queries information about running processes on the device

      Application may abuse the framework's APIs to collect information about running processes on the device.

      discovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Registers a broadcast receiver at runtime (usually for listening for system events)

      persistence

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery
    behavioral1behavioral2behavioral3

    • Target

      vlocker_default_theme.mx

    • Size

      768KB

    • MD5

      07c4fe4c0133afe38c2e6e73237c7071

    • SHA1

      c4043c11ed2e28e43d637f95e9f19d763ba5d37c

    • SHA256

      de74e14818f4313157aaf3544e3627ad3c76277625f64e1e0321dc445dc5afc6

    • SHA512

      a61fafdea86410ed64a8e40be48e899e62c35b8f76e350f5fd5d77bd120507495c052b81833a5e357e9a5ac3651b3e325c033b21fcfbe1064752cd31ab9ed953

    • SSDEEP

      12288:NEXVh9x8WUfyAfPf8fyfaNf6fZf3fofU9fffffffffffffNfa+ElGiLKK6U5+Ff/:KXVhH2fhEoeP4pdr84ru+/oNwn

    Score
    7/10
    discoveryevasion

    • Checks CPU information

      Checks CPU information which indicate if the system is an emulator.

      evasiondiscovery

    • Queries information about the current Wi-Fi connection

      Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

      discovery

    • Checks if the internet connection is available

      discovery

    • Queries the unique device ID (IMEI, MEID, IMSI)

      discovery

    • Reads information about phone network operator.

      discovery
    behavioral4behavioral5behavioral6

MITRE ATT&CK Mobile v15

Tasks